From 6091a5326b9e4daf12d0d829f1e22dfaaae4a374 Mon Sep 17 00:00:00 2001 From: "jing.zhao" Date: Mon, 9 Nov 2020 14:42:00 +0800 Subject: [PATCH] [CLOUD-1562] append permission in clusterrole/argo-workflow-controller-cluster-role --- .../argo/templates/workflow-aggregate-roles.yaml | 6 ++++++ .../templates/workflow-controller-clusterrole.yaml | 14 ++++++++++++++ 2 files changed, 20 insertions(+) diff --git a/charts/argo/templates/workflow-aggregate-roles.yaml b/charts/argo/templates/workflow-aggregate-roles.yaml index d817ead7..b89e7b13 100644 --- a/charts/argo/templates/workflow-aggregate-roles.yaml +++ b/charts/argo/templates/workflow-aggregate-roles.yaml @@ -18,6 +18,8 @@ rules: - workflowtemplates/finalizers - cronworkflows - cronworkflows/finalizers + - clusterworkflowtemplates + - clusterworkflowtemplates/finalizers verbs: - get - list @@ -42,6 +44,8 @@ rules: - workflowtemplates/finalizers - cronworkflows - cronworkflows/finalizers + - clusterworkflowtemplates + - clusterworkflowtemplates/finalizers verbs: - create - delete @@ -71,6 +75,8 @@ rules: - workflowtemplates/finalizers - cronworkflows - cronworkflows/finalizers + - clusterworkflowtemplates + - clusterworkflowtemplates/finalizers verbs: - create - delete diff --git a/charts/argo/templates/workflow-controller-clusterrole.yaml b/charts/argo/templates/workflow-controller-clusterrole.yaml index 6b99a14a..7484c8b6 100644 --- a/charts/argo/templates/workflow-controller-clusterrole.yaml +++ b/charts/argo/templates/workflow-controller-clusterrole.yaml @@ -32,6 +32,7 @@ rules: resources: - persistentvolumeclaims verbs: + - get - create - delete - apiGroups: @@ -56,6 +57,19 @@ rules: - get - list - watch +- apiGroups: + - argoproj.io + resources: + - clusterworkflowtemplates + - clusterworkflowtemplates/finalizers + verbs: + - create + - get + - list + - watch + - update + - patch + - delete - apiGroups: - argoproj.io resources: